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Claim Rejections - 35 USC §112 

1 . The following is a quotation of the second paragraph of 35 U.S.C. 1 1 2: 

The specification shall conclude with one or more claims particularly pointing out and distinctly 
claiming the subject matter which the applicant regards as his invention. 

Claims 1 and 10 are rejected under 35 U.S.C. 112, second paragraph, as being 
indefinite for failing to particularly point out and distinctly claim the subject matter which 
applicant regards as the invention. 

There is no antecedent basis for "the physical SSO entry point" as now recited in 
claim 1 and there is no antecedent basis for " the Single Sign-On service" as now recited 
in claim 10. 

Claim Rejections - 35 USC § 103 

2. The following is a quotation of 35 U.S.C. 103(a) which forms the basis for all 
obviousness rejections set forth in this Office action: 

(a) A patent may not be obtained though the invention is not identically disclosed or described as 
set forth in section 102 of this title, if the differences between the subject matter sought to be 
patented and the prior art are such that the subject matter as a whole would have been obvious 
at the time the invention was made to a person having ordinary skill in the art to which said 
subject matter pertains. Patentability shall not be negatived by the manner in which the invention 
was made. 

3. Claims 1-14 and 19 are rejected under 35 U.S.C. 103(a) as obvious over WO 
02/011 467 to Jones et al. (hereinafter "Jones") in view of U.S. Pat. Pub. No. 
2003/0051041 to Kalavade et al. (hereinafter "Kalavade") and U.S. Patent 7,184,764 to 
Raviv et al. (hereinafter "Raviv"). 

Regarding claim 1 , it is noted that the recited term "Single Sign-On" may be broadly 
interpreted to mean signing on to a network one time. Regarding the structures recited 
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in claim 1 , Jones teaclies a visited Serving GPRS Node 27, wliicli is connected to a 
Roaming RADIUS Server 37 and a Home RADIUS server 34, which are connected and 
function as recited in claim 1 . See for example. Figs. 1 and 4, the description thereof. 
Additionally, as the system described in Jones operates with a home server 34 located 
in San Francisco and a roaming server 37 located in New York, the visited GPRS 
support node 27 included within the Radio Network Controller 24, may be interpreted as 
the claimed "global Single Sign-On Front End infrastructure." Although Jones teaches 
that the visited AAA (RADIUS) server 37 communicates with the home AAA server 34, 
Jones does not explicitly disclose that the visiting AAA server "binds the home AAA 
server address with the user's identifiers." In an analogous art, Kalavade teaches a 
system for consolidated billing used with roaming wireless devices. See for example. 
Fig. 1 of Kalavade. Kalavade teaches that a user may enter a phone number and 
password via a Converged Billing /Authentication Gateway (CBG) server 10, in order to 
access services in a home network. Kalavade also includes a CBG database 14 used 
to store information relating to a roaming user and related information. Kalavade shows 
(on pages 11-13) the details of the information stored relating to a roaming user, which 
include IP addresses of WLAN endpoints, such as for example, a home billing system 
or HLR, etc. Therefore, in order to increase the efficiency of billing procedures and 
communications, it would have been obvious to modify the visited AAA server of Jones 
to include the capability of binding a user's identifiers with a home AAA server as taught 
by Kalavade. 
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Regarding tine amendments to claim 1 , wliich now recite that "each service 
provider in the federation providing a specific Uniform Resource Identifier (URI) as the 
physical SSO entry point towards the federation", Jones and Kalavade do not explicitly 
teach this feature, although Jones does teach (on page 11) using a network access 
identifier such as "user@realm" and identifying one of a number of service providers. 

In an analogous art, Raviv teaches a system for allowing roaming mobile devices 
to access their home networks via a visitor portal 500 (see for example. Fig. 5). Raviv 
teaches in column 22, lines 13-26, that "The visitor portal database may store the 
VPN/corporate network address (URL), connection type, and the nature of the user's 
association with the network." Additionally, Raviv teaches in column 22, line 58 to 
column 23, line 7, that "The interfacing apparatus 604 then connects the WAP phone 
600 directly to the URL of the data service network server, and manages data 
communications between the device and the service network until the device exits the 
data service". It is noted that as a URL is a subset of, or a specific type of URI, a URL 
may be interpreted as being a URI, as recited. 

Therefore, as Raviv teaches the conventionality of providing network services to 
roaming users via a URI, it would have been obvious to one of ordinary skill in the art to 
modify the system of Jones/Kalavade to additionally provide a URI from each service 
provider (as recited) in order to efficiently provide a direct link (and communications) to 
a user's home network. 
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Regarding claims 2-3, the CBG database 14 of Kalavade teaches the recited 
features of the "Global Directory". 

Regarding the information recited in claims 4-6, as described above, Kalavade 
shows on pages 11-13 the details stored in the CBG database, which include the 
recited IP addresses, user identifiers, passwords and time stamp recited in these 
claims. 

Regarding claims 7-9, Jones teaches a roaming agreement between ISPs, which 
meets the recited "number of service providers." Although Jones shows only one 
visited GPRS node 27 used to access a visited network, it is common for a plurality of 
networks to be connected. Kalavade teaches in section [0204] that each network 
and/or "hot spot" "typically has its own authentication infrastructure". Therefore it would 
have been obvious to modify Jones to include sign on infrastructure for each connected 
network and/or service provider, in order to allow roaming users to sign on to any 
available network. 

Regarding claim 10, as described above, Jones teaches a system for 
authenticating roaming users. Figs. 3-5 of Jones shows the claimed steps of (a) 
authenticating a roaming user in a visited packet radio network, via a proxy (see page 9 
lines 26-29 of Jones which teaches that "In decision step 3, the partner radius server 37 
verifies user ID and password", where the visited partner radius server 37 
"authenticates" and acts as a "proxy", as now recited) (b) creating a master session at 
the user's home service network (c) redirecting a user towards the user's home network 
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and (d) receiving an authentication from tine liome server. Jones does not explicitly 
disclose that the master session created in the user's home network is created with 
"Single Sign-On related data, as recited in step (b). As described above, Kalavade 
teaches a system for consolidated billing used with roaming wireless devices where a 
user may enter a phone number and password via a Converged Billing /Authentication 
Gateway (CBG) server 10, in order to access services in a home network. Kalavade 
further teaches of forwarding "single sign on related data" such as the entered phone 
number, IMSI number and information as shown in the table on pages 11-13, to 
backend accounting and billing servers/systems. Therefore, in order to correctly track, 
identify and bill roaming users within a network, it would have been obvious to modify 
the home RADIUS server of Jones to include the capability of creating a master session 
with single sign on related data, as shown in Kalavade. 

Regarding the amendments to claim 10, which now recite that "each service 
provider in the federation providing a specific Uniform Resource Identifier as the Single 
Sign-On service", Jones and Kalavade do not explicitly teach this feature, although 
Jones does teach (on page 1 1 ) using a network access identifier such as "user@realm" 
and identifying one of a number of service providers. 

In an analogous art, Raviv teaches a system for allowing roaming mobile devices 
to access their home networks via a visitor portal 500 (see for example, Fig. 5). Raviv 
teaches in column 22, lines 13-26, that "The visitor portal database may store the 
VPN/corporate network address (URL), connection type, and the nature of the user's 
association with the network." Additionally, Raviv teaches in column 22, line 58 to 



Application/Control Number: 1 0/541 ,934 Page 7 

Art Unit: 2617 

column 23, line 7, that "The interfacing apparatus 604 then connects the WAP phone 
600 directly to the URL of the data service network server, and manages data 
communications between the device and the service network until the device exits the 
data service". It is noted that as a URL is a subset of, or a specific type of URI, a URL 
may be interpreted as being a URI, as recited. 

Therefore, as Raviv teaches the conventionality of providing network services to 
roaming users via a URI, it would have been obvious to one of ordinary skill in the art to 
modify the system of Jones/Kalavade to additionally provide a URI from each service 
provider (as recited) in order to efficiently provide a direct link (and communications) to 
a user's home network. 

Regarding claims 1 1 and 13, Kalavade shows a table on pages 1 1-13 that 
include the recited IP addresses, user identifiers, passwords and time stamp, recited in 
these claims. 

Regarding claim 12, Kalavade teaches assigning a GRPS node to the user and 
transmitting the address of the GGSN used. See for example. Fig. 1 1 and information 
in the table on pages 11-13. 

Regarding claim 14, Jones shows the visited AAA server 37, connected and 
acting as a proxy between the GPRS Support node and the home AAA server. 

Regarding claim 19, Kalavade teaches providing addresses of devices (recited 
"entities") validating and authenticating user information. 
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6. Claims 15-18 are rejected under 35 U.S.C. 103(a) as being unpatentable over 
Jones and Kalavade as applied to claims 1-14 above, and further in view of U.S. Patent 
6,578,085 to Khalil et at. (hereinafter "Khalil"). Claim 15 recites "determining the visited 
network which assigned the current IP address to the user". Khalil teaches tracking IP 
addresses assigned to a mobile node, where the IP addresses are assigned by a 
number of foreign networks. Khalil further teaches "determining visited networks which 
assigned IP addresses to a user", as shown in Figs. 10-13, which detail and describe 
the communications between the home and foreign networks regarding the registering 
and deregistering of IP addresses assigned to the mobile node by the foreign networks. 
Therefore, in order to correctly track, identify and bill roaming users within a number of 
networks, it would have been obvious to modify the Jones/Kalavade combination to 
include the capability of determining visited networks, as shown in Khalil. 

7. Applicant's amendment necessitated the new ground(s) of rejection presented in 
this Office action. Accordingly, THIS ACTION IS MADE FINAL. See MPEP 

§ 706.07(a). Applicant is reminded of the extension of time policy as set forth in 37 
CFR 1.136(a). 

A shortened statutory period for reply to this final action is set to expire THREE 
MONTHS from the mailing date of this action. In the event a first reply is filed within 
TWO MONTHS of the mailing date of this final action and the advisory action is not 
mailed until after the end of the THREE-MONTH shortened statutory period, then the 
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shortened statutory period will expire on the date the advisory action is mailed, and any 
extension fee pursuant to 37 CFR 1 .136(a) will be calculated from the mailing date of 
the advisory action. In no event, however, will the statutory period for reply expire later 
than SIX MONTHS from the date of this final action. 

Any inquiry concerning this communication or earlier communications from the 
examiner should be directed to Steven Kelley whose telephone number is (571 ) 272- 
5652. The examiner can normally be reached on Monday-Friday, 9AM to 5PM. 

If attempts to reach the examiner by telephone are unsuccessful, the examiner's 
supervisor, Lester Kincaid can be reached on (571) 272-7922. The fax phone number 
for the organization where this application or proceeding is assigned is 571-273-8300. 

Information regarding the status of an application may be obtained from the 
Patent Application Information Retrieval (PAIR) system. Status information for 
published applications may be obtained from either Private PAIR or Public PAIR. 
Status information for unpublished applications is available through Private PAIR only. 
For more information about the PAIR system, see http://pair-direct.uspto.gov. Should 
you have questions on access to the Private PAIR system, contact the Electronic 
Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a 
USPTO Customer Service Representative or access to the automated information 
system, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000. 
SSK 

/Lester Kincaid/ 

Supervisory Patent Examiner, Art Unit 2617 



